f9f1c1cd2a65b234e4e81ad807a47b3a321bba25c4586a4feb72b385dbe29f92

Sharing

Copy URL

Twitter E-mail

General

Target

f9f1c1cd2a65b234e4e81ad807a47b3a321bba25c4586a4feb72b385dbe29f92
Size

279KB
MD5

932df02f3f5ed6a2b530896e1da28970
SHA1

7abecd09d079b17eab7b3fd5e98368274e56651f
SHA256

f9f1c1cd2a65b234e4e81ad807a47b3a321bba25c4586a4feb72b385dbe29f92
SHA512

e4da4666e0dc8b1b138f79735bb29a088091f8130504d5ebeb12c21b8a070eaf1a4ed039dff14d319d460c68e243ca7afe999d3aaba311f8f06d822b06093b75
SSDEEP

6144:MQ0BiFzbW4elmRGygkDI94phMxvDVXj3zC2itamjQf9RF0gqmK:MQz1eg7gknhQVTzYvjQbFg

Score

N/A

Malware Config

Signatures

Files

f9f1c1cd2a65b234e4e81ad807a47b3a321bba25c4586a4feb72b385dbe29f92
.exe windows x86

7d6d3fd01342f0fb7f28c52b3d2117c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

untfs

Format
Recover
Chkdsk
Extend
ChkdskEx
FormatEx

msvcrt

_initterm
malloc
wcslen
_except_handler3
realloc
??3@YAXPAX@Z
swprintf
wcscmp
wcscat
?terminate@@YAXXZ
__CxxFrameHandler
??1type_info@@UAE@XZ
_adjust_fdiv
free
wcsncpy
??2@YAPAXI@Z

rpcrt4

CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
NdrOleFree
CStdStubBuffer_CountRefs
IUnknown_QueryInterface_Proxy
CStdStubBuffer_Invoke
NdrDllRegisterProxy
CStdStubBuffer_Disconnect
NdrDllUnregisterProxy
IUnknown_AddRef_Proxy
CStdStubBuffer_Connect
NdrDllCanUnloadNow
NdrOleAllocate
CStdStubBuffer_IsIIDSupported
NdrDllGetClassObject
CStdStubBuffer_QueryInterface
NdrCStdStubBuffer_Release

user32

EnableWindow
GetDlgItem
SetWindowTextW
MapWindowPoints
MessageBoxW
GetDialogBaseUnits
LoadImageW
DrawTextW
DialogBoxParamW
GetParent
CreateDialogParamW
CopyRect
GetWindowLongW
SendMessageW
CharNextW
SetDlgItemTextW
SetWindowLongW
SystemParametersInfoW
SendDlgItemMessageW
GetSystemMetrics
SetWindowPos
GetDlgItemTextW
GetWindow
LoadStringW
DestroyWindow
EndDialog
ShowWindow
GetClientRect
SetFocus
GetWindowRect

kernel32

lstrcpynW
FlushInstructionCache
InterlockedIncrement
HeapDestroy
SetUnhandledExceptionFilter
SizeofResource
GetCurrentProcessId
LeaveCriticalSection
lstrcmpiW
GetCurrentProcess
GetProcessHeap
lstrcpyW
FormatMessageW
GetLastError
FreeLibrary
GetProcAddress
GetUserDefaultLCID
DeleteCriticalSection
VirtualFree
MultiByteToWideChar
HeapAlloc
InterlockedDecrement
lstrlenW
OutputDebugStringA
LoadResource
QueryPerformanceCounter
GetModuleFileNameW
GetTickCount
EnterCriticalSection
lstrlenA
SetLastError
GetSystemTimeAsFileTime
GetSystemInfo
lstrcatW
HeapFree
GetEnvironmentStringsA
FindResourceW
LoadLibraryA
LocalFree

gdi32

SetBkMode

advapi32

GetTraceEnableLevel
TraceMessage
RegQueryValueExW
RegEnumKeyExW
RegisterTraceGuidsW
RegCloseKey
UnregisterTraceGuids
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
GetTraceEnableFlags
GetTraceLoggerHandle
RegOpenKeyExW
RegSetValueExW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoSetProxyBlanket
CoCreateInstance

netshell

HrGetIconFromMediaType

shell32

SHGetFolderPathW
ShellExecuteW

Sections

text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d6d3fd01342f0fb7f28c52b3d2117c5

Headers

DLL Characteristics

File Characteristics

Imports

untfs

msvcrt

rpcrt4

user32

kernel32

gdi32

advapi32

ole32

netshell

shell32

Sections

text Size: 86KB - Virtual size: 86KB

.rdata Size: 190KB - Virtual size: 189KB

.rsrc Size: 1024B - Virtual size: 650B

text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 190KB - Virtual size: 189KB

.rsrc
Size: 1024B - Virtual size: 650B